Skip Navigation

CISO as a Service


The CISO role is a constantly changing and expanding to include broader responsibilities within the corporate information security structure. Today, CISOs are not only responsible for ensuring the confidentiality, integrity, and availability of corporate networks, they must now also protect all corporate assets from both external and internal threats. This task becomes increasingly complex and requires an individual with experience across multiple information and network security domains.


For most organizations, a full-time CISO is simply too expensive and roles and responsibilities are dispersed among multiple people across several corporate units. This leads to a security program that is diffuse, inefficient, and reactive at best.

How CISO-as-a-Service can help your business.

CISO-as-a-service is new ITMG offering, in partnership with Slate Enclave, LLC, that is available to businesses looking to ensure that they have security leadership, without the need to recruit and employ a permanent member of staff. CISO-as-a-service removes both the cost burden and the challenge of finding the right person by making available industry recognized experts who can be leveraged, as needed, to cover the information security needs of the business. CISO-as-a-service is designed for organizations that need someone to take responsibility for the growth and management of their information security program, but don’t need or can’t afford a full-time CISO.

The Cost of Hiring a Full-Time CISO

Hiring a CISO is expensive. Not including the cost of finding, recruiting, and processing, it will cost you an average of $222,000 per year to hire a full-time CISO . Let’s see how this breaks down:

Average base salary:$205,000
Legally required benefits (social security and Medicare)$16,400
Life, health, disability insurance$17,425
Paid leave (vacation, holiday, sick, personal)$14,350
Employer contribution to retirement$9,225
Supplemental pay$5,125

We provide everything you need at a fraction of this cost!

Flexible and Tailored Pricing Model + Expertise = ROI

CISO-as-a-service is based on a flexible-retainer model. This means you only pay for services that you actually use, so we eliminate the guesswork as well as the need to pay a full-time CISO to “sit in his chair.” If you don’t use your hours for the month, they simply rollover to the next month. There are multiple factors that contribute to the retainer amount, but it is always a fraction of the cost of hiring an CISO . Typically, CISO clients realize 75-80% savings over hiring a full-time CISO , and because they are getting a dedicated resource with access to bona fide insider threat experts, they get a lot more for their money!

What’s included in CISO-as-a-Service?

With CISO as-a-service, any service ITMG or Slate Enclave offers is immediately available to you. Typically, organizations engage us to add information security expertise and guidance to their team, create information security policies and procedures, conduct risk assessments, and perform penetration testing. Once in our CISO-as-a-Service program, you have immediate, discounted access to all ITMG and Slate Enclave offerings including:

  1. Program Development
  2. Policy and Procedure Creation
  3. Employee Investigations
  4. Incident Response
  5. Tool Selection and Implementation
  6. Strategic Advising
  7. Legal and Privacy Consulting
  8. Training and Awareness
  9. Insider Risk Assessments
  10. Penetration Testing